Adding IAM support for hubs in terraform

[abhijeetkjha-google]

Added IAM support for the network_connectivity_hub resource

Justification for configurational values:

Justification of Configuration Values

• method_name_separator: ':': The NCC API uses the standard colon separator for custom IAM methods, such as .../hubs/{hub_id}:getIamPolicy ( Network Connectivity A...).
• fetch_iam_policy_verb: 'GET': The Network Connectivity API specifically defines getIamPolicy as a GET request in its service configuration ( Network Connectivity A...).
• import_format: This must match the parent resource's self_link

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

networkconnectivity: added support for IAM conditions to `google_network_connectivity_hub` resource

[github-actions]

Googlers: For automatic test runs see go/terraform-auto-test-runs.

@hao-nan-li, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 2 files changed, 357 insertions(+))

Missing service labels

The following new resources do not have corresponding service labels:

• google_network_connectivity_hub_iam_binding
• google_network_connectivity_hub_iam_member
• google_network_connectivity_hub_iam_policy

If you believe this detection to be incorrect please raise the concern with your reviewer. Googlers: This error is safe to ignore once you've completed go/fix-missing-service-labels.
An override-missing-service-label label can be added to allow merging.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 2 files changed, 357 insertions(+))

Missing service labels

The following new resources do not have corresponding service labels:

• google_network_connectivity_hub_iam_binding
• google_network_connectivity_hub_iam_member
• google_network_connectivity_hub_iam_policy

If you believe this detection to be incorrect please raise the concern with your reviewer. Googlers: This error is safe to ignore once you've completed go/fix-missing-service-labels.
An override-missing-service-label label can be added to allow merging.

[modular-magician]

Tests analytics

Total tests: 39
Passed tests: 35
Skipped tests: 1
Affected tests: 3

Click here to see the affected service packages

• networkconnectivity

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccNetworkConnectivityHubIamBindingGenerated
• TestAccNetworkConnectivityHubIamMemberGenerated
• TestAccNetworkConnectivityHubIamPolicyGenerated

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccNetworkConnectivityHubIamBindingGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamMemberGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamPolicyGenerated [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Tests analytics

Total tests: 39
Passed tests: 35
Skipped tests: 1
Affected tests: 3

Click here to see the affected service packages

• networkconnectivity

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccNetworkConnectivityHubIamBindingGenerated
• TestAccNetworkConnectivityHubIamMemberGenerated
• TestAccNetworkConnectivityHubIamPolicyGenerated

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccNetworkConnectivityHubIamBindingGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamMemberGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamPolicyGenerated [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 2 files changed, 357 insertions(+))

Missing service labels

The following new resources do not have corresponding service labels:

• google_network_connectivity_hub_iam_binding
• google_network_connectivity_hub_iam_member
• google_network_connectivity_hub_iam_policy

If you believe this detection to be incorrect please raise the concern with your reviewer. Googlers: This error is safe to ignore once you've completed go/fix-missing-service-labels.
An override-missing-service-label label can be added to allow merging.

[modular-magician]

Tests analytics

Total tests: 39
Passed tests: 35
Skipped tests: 1
Affected tests: 3

Click here to see the affected service packages

• networkconnectivity

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccNetworkConnectivityHubIamBindingGenerated
• TestAccNetworkConnectivityHubIamMemberGenerated
• TestAccNetworkConnectivityHubIamPolicyGenerated

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccNetworkConnectivityHubIamBindingGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamMemberGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamPolicyGenerated [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 2 files changed, 357 insertions(+))

Missing service labels

The following new resources do not have corresponding service labels:

• google_network_connectivity_hub_iam_binding
• google_network_connectivity_hub_iam_member
• google_network_connectivity_hub_iam_policy

If you believe this detection to be incorrect please raise the concern with your reviewer. Googlers: This error is safe to ignore once you've completed go/fix-missing-service-labels.
An override-missing-service-label label can be added to allow merging.

[modular-magician]

Tests analytics

Total tests: 39
Passed tests: 35
Skipped tests: 1
Affected tests: 3

Click here to see the affected service packages

• networkconnectivity

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccNetworkConnectivityHubIamBindingGenerated
• TestAccNetworkConnectivityHubIamMemberGenerated
• TestAccNetworkConnectivityHubIamPolicyGenerated

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccNetworkConnectivityHubIamBindingGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamMemberGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamPolicyGenerated [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[github-actions]

@hao-nan-li This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

[hao-nan-li]

Looks like the tests failed with the error Error: Provider produced inconsistent final plan

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
google-beta provider: Diff ( 5 files changed, 779 insertions(+), 2 deletions(-))
terraform-google-conversion: Diff ( 2 files changed, 357 insertions(+))

Missing service labels

The following new resources do not have corresponding service labels:

• google_network_connectivity_hub_iam_binding
• google_network_connectivity_hub_iam_member
• google_network_connectivity_hub_iam_policy

If you believe this detection to be incorrect please raise the concern with your reviewer. Googlers: This error is safe to ignore once you've completed go/fix-missing-service-labels.
An override-missing-service-label label can be added to allow merging.

[modular-magician]

Tests analytics

Total tests: 39
Passed tests: 35
Skipped tests: 1
Affected tests: 3

Click here to see the affected service packages

• networkconnectivity

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccNetworkConnectivityHubIamBindingGenerated
• TestAccNetworkConnectivityHubIamMemberGenerated
• TestAccNetworkConnectivityHubIamPolicyGenerated

Get to know how VCR tests work

[modular-magician]

🔴 Tests failed during RECORDING mode:
TestAccNetworkConnectivityHubIamBindingGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamMemberGenerated [Error message] [Debug log]
TestAccNetworkConnectivityHubIamPolicyGenerated [Error message] [Debug log]

🔴 Errors occurred during RECORDING mode. Please fix them to complete your PR.

View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 6 files changed, 784 insertions(+), 4 deletions(-))
google-beta provider: Diff ( 6 files changed, 784 insertions(+), 4 deletions(-))
terraform-google-conversion: Diff ( 3 files changed, 358 insertions(+), 1 deletion(-))

Missing service labels

The following new resources do not have corresponding service labels:

• google_network_connectivity_hub_iam_binding
• google_network_connectivity_hub_iam_member
• google_network_connectivity_hub_iam_policy

If you believe this detection to be incorrect please raise the concern with your reviewer. Googlers: This error is safe to ignore once you've completed go/fix-missing-service-labels.
An override-missing-service-label label can be added to allow merging.

[modular-magician]

Tests analytics

Total tests: 39
Passed tests: 30
Skipped tests: 1
Affected tests: 8

Click here to see the affected service packages

• networkconnectivity

Action taken

Found 8 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccNetworkConnectivityHubIamBindingGenerated
• TestAccNetworkConnectivityHubIamMemberGenerated
• TestAccNetworkConnectivityHubIamPolicyGenerated
• TestAccNetworkConnectivityHub_networkConnectivityHubBasicExample
• TestAccNetworkConnectivityHub_networkConnectivityHubMeshTopologyExample
• TestAccNetworkConnectivityHub_networkConnectivityHubPolicyModeExample
• TestAccNetworkConnectivityHub_networkConnectivityHubStarTopologyExample
• TestAccNetworkConnectivityHub_networkConnectivityHubWithExportPscExample

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccNetworkConnectivityHubIamBindingGenerated [Debug log]
TestAccNetworkConnectivityHubIamMemberGenerated [Debug log]
TestAccNetworkConnectivityHubIamPolicyGenerated [Debug log]
TestAccNetworkConnectivityHub_networkConnectivityHubBasicExample [Debug log]
TestAccNetworkConnectivityHub_networkConnectivityHubMeshTopologyExample [Debug log]
TestAccNetworkConnectivityHub_networkConnectivityHubPolicyModeExample [Debug log]
TestAccNetworkConnectivityHub_networkConnectivityHubStarTopologyExample [Debug log]
TestAccNetworkConnectivityHub_networkConnectivityHubWithExportPscExample [Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🟢 All tests passed!

View the build log or the debug log for each test

[abhijeetkjha-google]

Hi @hao-nan-li , Apologies for late reply, Can you please take a look at it. I have addressed the comments. Thanks.